UNLOCKING: HOW TO PREVENT WIFI MAC AND NVITEMS LOSS

John W

Posted 13 November 2011 - 01:24 AM

John W

Newbie

Members

27 posts

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

glossywhite

Posted 13 November 2011 - 01:45 AM

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

John W

Posted 13 November 2011 - 01:48 AM

John W

Newbie

Members

27 posts

Doesn't Channel1.nvm contain this info?

I thought it did, BUT when I try doing an A/B comparison between restoring Channel1.nvm and the QCN file, QCN works, Channel1.nvm doesn't. The QCN file is much bigger than Channel1.nvm and I suspect contains more than it (rather than just being in a less efficient format).

xiaoyaoswim

Posted 13 November 2011 - 01:49 AM

xiaoyaoswim

Diehard

Members

365 posts

Gender:Male

Devices:ZTE Skate

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Well done John, that's really a brilliant finding! Hope this could finally make a perfect solution.Could someone pls try and confirm this?

glossywhite

Posted 13 November 2011 - 03:15 AM

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

xiaoyaoswim

Posted 13 November 2011 - 03:34 AM

xiaoyaoswim

Diehard

Members

365 posts

Gender:Male

Devices:ZTE Skate

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

Summary: Hexedit needed, I think.

Good job! For those who have done unlocking & suffer the loss of MAC, to hex edit the QCN file and restore is a good idea. But as John pointed out, there is potentially other loss of NV items, which could be hard to manually modify.

As to Channel1.nvm, I once noticed on a Chinese forum that, some guy working on another ZTE Android handset found IMEI and BT MAC in it, but no WLAN MAC.

I think the most exciting thing is that more and more bright people are joining to make the unlocking solution better and better.

tillaz

Posted 13 November 2011 - 03:40 AM

tillaz

Hardcore

Developer Team

5,883 posts

Gender:Male

Location:Googleplex

Interests:Space

Devices:Moto X

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

On Stock Orange, after I hex-edited my ORIGINAL MAC into the *.QCN backup of my NV_ITEMS, flashed my hex-edited *.QCN back to the phone using QPST in FTM mode, and rebooted, there was my ORIGINAL MAC (which I had inserted in place of the template 112233445566, using hexeditor). Restoring my BlueMonte Now, no reason to doubt it will be sitting there waiting for me

I'm not scared, it's just a phone!

[UPDATE]

That fixes it! There was my MAC, waiting for me! No more popup!

WooHoo! lol

The /etc/nv_4319, after restoration of my CWM backup, still says "11:22:33:44:55:66" in the un-commented line, but I have a feeling the HARDWARE flashed MAC overrides this.

Droid 007

Posted 13 November 2011 - 01:43 PM

Droid 007

Newbie

Members

32 posts

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Unfortunately these instructions were not available when I unlocked. So, I do not have QCN file to start with. Now my phone is unlocked. I have written down the MAC address for it, but trying out various forum suggestions to update it on the phone, but no success.

glossywhite

Posted 13 November 2011 - 01:47 PM

Unfortunately these instructions were not available when I unlocked. So, I do not have QCN file to start with. Now my phone is unlocked. I have written down the MAC address for it, but trying out various forum suggestions to update it on the phone, but no success.

Is there a software/app that could be used fix the MAC address?

Yes. You download a backup of the .QCN using QPST tool, hex-edit your MAC into it (search for 11 22 33 44 55 66 and replace with your mac, using the same format), then flash it back in, using QPST. If you're unsure DO NOT ATTEMPT, as you'll brick the OMC, quite possibly.

Droid 007

Posted 13 November 2011 - 02:00 PM

Droid 007

Newbie

Members

32 posts

Yes. You download a backup of the .QCN using QPST tool, hex-edit your MAC into it (search for 11 22 33 44 55 66 and replace with your mac, using the same format), then flash it back in, using QPST. If you're unsure DO NOT ATTEMPT, as you'll brick the OMC, quite possibly.

Will try and do screenshots sometime.

I cannot afford to brick. I will wait until you have step by step instructions with screenshots.

glossywhite

Posted 13 November 2011 - 02:19 PM

I cannot afford to brick. I will wait until you have step by step instructions with screenshots.

I don't have time to do the whole QPST backup sequence. Hopefully someone else will. But I have made a video which shows the important part; how to edit your MAC address in the *.QCN backup of NVITEMS, and save it, ready for flashing:

BustaRhymes+

Posted 13 November 2011 - 03:01 PM

BustaRhymes+

Newbie

Members

7 posts

Devices:zte skate

Cheers Tilal well I wasnt putting it into ftm mode but now I have I stil cant get it to recognise my phone...same error, I was tempted to just unlock it without saving my mac and other items but I guess that would be kinda stupid.